diff --git a/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java b/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
index c9bd253..b18732a 100644
--- a/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
+++ b/mdp-form/src/main/java/com/mdp/form/ctrl/FormDataController.java
@@ -7,6 +7,7 @@ import com.mdp.core.utils.BaseUtils;
 import com.mdp.core.utils.ObjectTools;
 import com.mdp.form.entity.FormDefVo;
 import com.mdp.form.entity.FormField;
+import com.mdp.form.entity.FormQx;
 import com.mdp.form.service.FormFieldService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -63,8 +64,49 @@ public class FormDataController {
 	@RequestMapping(value="/list",method=RequestMethod.GET)
 	public Result listFormData(@ApiIgnore @RequestParam Map<String,Object> params){
 		try {
+			String formId= (String) params.get("formId");
+			if(ObjectTools.isEmpty(formId)){
+				return Result.error("formId-required","表单编号不能为空");
+			}
+
+			FormDefVo formDefVo=formFieldService.getFormFieldFromCache(formId);
+			if(formDefVo==null){
+				return Result.error("formDef-0","表单不存在");
+			}
 			User user=LoginUtils.getCurrentUserInfo();
 			QueryWrapper<FormData> qw = QueryTools.initQueryWrapper(FormData.class , params);
+			FormQx formQx=formDefVo.getFormQx();
+
+			if(formQx!=null){
+				if("0".equals(formQx.getAllowOtherQuery())){
+					qw.eq("cuserid",user.getUserid());
+				}else{
+					boolean roleCheckOk=false;
+					boolean useridCheckOk=false;
+					boolean deptidCheckOk=false;
+					if(ObjectTools.isNotEmpty(formQx.getAllowQueryRoleids())){
+						if(LoginUtils.hasAnyRoles(formQx.getAllowQueryRoleids().split(","))){
+							roleCheckOk=true;
+						}
+					}
+					if(ObjectTools.isNotEmpty(formQx.getAllowQueryUserids())){
+						if(Arrays.stream(formQx.getAllowQueryUserids().split(",")).filter(k->user.getUserid().equals(k)).findAny().isPresent()){
+							useridCheckOk=true;
+						}
+					}
+
+					if(ObjectTools.isNotEmpty(formQx.getAllowQueryDeptids())){
+						if(Arrays.stream(formQx.getAllowQueryDeptids().split(",")).filter(k->user.getDeptid().equals(k)).findAny().isPresent()){
+							deptidCheckOk=true;
+						}
+					}
+					if(!(roleCheckOk||useridCheckOk||deptidCheckOk)){
+						return Result.error("no-qx-query","无权限查询");
+					}
+
+				}
+			}
+			qw.in("branch_id",user.getBranchId());
 			IPage page=QueryTools.initPage(params);
 			List<Map<String,Object>> datas = formDataService.selectListMapByWhere(page,qw,params);
 			return Result.ok("query-ok","查询成功").setData(datas).setTotal(page.getTotal());
diff --git a/mdp-form/src/main/java/com/mdp/form/service/FormDataService.java b/mdp-form/src/main/java/com/mdp/form/service/FormDataService.java
index b733aa2..8b69f56 100644
--- a/mdp-form/src/main/java/com/mdp/form/service/FormDataService.java
+++ b/mdp-form/src/main/java/com/mdp/form/service/FormDataService.java
@@ -69,6 +69,8 @@ public class FormDataService extends BaseService<FormDataMapper,FormData> {
 
 	}
 
+
+
 	/**
 	 * 创建业务主键
 	 * @param formFields